Install modsecurity.
apt-get install libapache2-modsecurity
Verify if the mod_security module was loaded.
apachectl -M | grep --color security
You should see a module named security2_module (shared) which indicates that the module was loaded.
Modsecurity's installation includes a recommended configuration file which has to be renamed:
mv /etc/modsecurity/modsecurity.conf{-recommended,}
Reload Apache
service apache2 reload
You'll find a new log file for mod_security in the Apache log directory:
ls -l /var/log/apache2/modsec_audit.log
returns:
-rw-r----- 1 root root 0 Oct 19 08:08 /var/log/apache2/modsec_audit.log